Security of your data is our number one priority
Your data is only yours. We don’t share it. We don’t copy it. We don’t modify it. We don’t access it without your permission. The only thing we do with your data is keep it 100% secure at all time. If you decide to leave us, just ask and we will remove all of your data permanently. We’ve put all our efforts into maintaining security and confidentiality of your company data. We want you to sleep tight too.
All Productive accounts have secure access over HTTPS (SSL), the same security standard online banking uses. We use all the standard practices for high level security. Every account is password protected. All passwords pass through a one-way hash-and-salt technique before storing them in the database. This practice ensures password can’t be read or used in any way.
Only a small subset of members of the Productive team have direct access to the live database. This access is granted on a need-to-know basis and is tightly controlled.
You make decisions about your data
If you decide to leave us, you get a full copy of your database. Contact us and we’ll provide you with all your data. Want to access your data via API? No problem, we have you covered. Visit https://developer.productive.io/ for more information on how our API works.
60 seconds. Nearly 60 backups
Every few seconds we take automatic database snapshots. We store them for 30 days. We do manual database snapshots once every month and store them for half a year. We have a standby replica of the database in case something physically happens to the original one. Everything is backed up in real time so that your data is safe.
99% uptime service promise
We guarantee an uptime service level of over 99%.
You can check out the status of our services by visiting http://status.productive.io.
Our system is closely monitored 24/7. If anything happens, we know about it immediately and can react. There are real time reports in place that ensure we’re ready to fix the problem.
Your credit card is safe with us
We use Stripe as a credit card processor. Card information storage, transmission and processing is completely PCI-Compliant. Every transaction is processed with the same high level secure encryption just as it is in a bank. We don’t store your credit info nor do your credit card numbers pass through our servers at any time.
Every piece of equipment our team uses is regularly updated. All workstations have full disk encryption at rest. We regularly apply critical patches and ensure there is no malware on any device.
Servers access and location
We use Amazon AWS services as our hosting provider. Our servers are part of the Amazon AWS infrastructure and hosted in the EU. The actual location of these data centers is known only to Amazon employees who have a legitimate business need to have such information. Amazon provides highly secure architecture and restriction of unauthorized access.
Amazon is well known for its highly controlled data centers in many countries. They have a robust physical security program with multiple certifications, including an SSAE 16 certification. A number of physical controls are in place to prevent any kind of unauthorized access. If you want to know more, please visit https://aws.amazon.com/security/